Up to 1.1M payment cards compromised: Neiman Marcus

Neiman Marcus, the second high-profile retailer to reveal that it suffered a major data breach at its stores, said on Thursday that the credit and debit card information of 1.1 million shoppers could have been stolen by malicious software installed in its payment systems.

In an update on the company's website, CEO Karen Katz said that malware was used between July 16 and Oct. 30 to collect shoppers' payment data. To date, Visa, MasterCard and Discover have notified the department store that approximately 2,400 unique customer payment cards used at its Neiman Marcus and Last Call stores were subsequently used fraudulently.

"We deeply regret and are very sorry that some of our customers' payment cards were used fraudulently after making purchases at our stores," Katz said. "We have taken steps to notify those affected customers for whom we have contact information."

Katz said that social security numbers and birth dates were not compromised, and its Neiman Marcus and Bergdorf Goodman cards have not seen any fraudulent activity. Customers that shopped online were not affected, nor were PIN numbers, as the retailer does not use PIN pads in its stores.